A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keys[department] results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Sun, 21 Sep 2025 04:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keys[department] results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | |
Title | kuaifan DooTask UsersController.php sql injection | |
Weaknesses | CWE-74 CWE-89 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-09-21T04:32:06.811Z
Reserved: 2025-09-20T07:07:08.848Z
Link: CVE-2025-10762

No data.

No data.

No data.

No data.